CN116208320A - Method for managing data encryption and decryption keys, method for processing commands and related products - Google Patents

Method for managing data encryption and decryption keys, method for processing commands and related products Download PDF

Info

Publication number
CN116208320A
CN116208320A CN202111449633.7A CN202111449633A CN116208320A CN 116208320 A CN116208320 A CN 116208320A CN 202111449633 A CN202111449633 A CN 202111449633A CN 116208320 A CN116208320 A CN 116208320A
Authority
CN
China
Prior art keywords
command
namespace
password
data
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111449633.7A
Other languages
Chinese (zh)
Inventor
张扬
李小凤
王祎磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Starblaze Technology Co ltd
Original Assignee
Chengdu Starblaze Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Starblaze Technology Co ltd filed Critical Chengdu Starblaze Technology Co ltd
Priority to CN202111449633.7A priority Critical patent/CN116208320A/en
Publication of CN116208320A publication Critical patent/CN116208320A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to a method for managing a data encryption and decryption key, a method for processing a command and related products, wherein the method for managing the data encryption and decryption key comprises the following steps: acquiring first random data, a storage device identification code and second random data, and acquiring encryption keys or decryption keys corresponding to one or more namespaces in the storage device according to the first random data, the storage device identification code and the second random data; and responding to the user password for adjusting the name space, and keeping the encryption key or the decryption key corresponding to the name space unchanged. According to the technical scheme, under the condition of adjusting the user password of the name space, repeated decryption and encryption of user data are not needed, and therefore processing efficiency and user experience are greatly improved.

Description

Method for managing data encryption and decryption keys, method for processing commands and related products
Technical Field
The present application relates generally to the field of data processing technology. More particularly, the present application relates to a method for managing data encryption and decryption keys, a method for processing commands, a controller, and a storage device.
Background
FIG. 1A illustrates a block diagram of a solid state storage device. The solid state storage device 102 is coupled to a host for providing storage capability for the host. The host and solid state storage device 102 may be coupled by a variety of means including, but not limited to, connecting the host to the solid state storage device 102 via, for example, SATA (Serial Advanced Technology Attachment ), SCSI (Small Computer System Interface, small computer system interface), SAS (Serial Attached SCSI ), IDE (Integrated Drive Electronics, integrated drive electronics), USB (Universal Serial Bus ), PCIE (Peripheral Component Interconnect Express, PCIE, peripheral component interconnect Express), NVMe (NVM Express), ethernet, fibre channel, wireless communications network, and the like. The host may be an information processing device capable of communicating with the storage device in the manner described above, such as a personal computer, tablet, server, portable computer, network switch, router, cellular telephone, personal digital assistant, or the like. The storage device 102 (hereinafter, solid-state storage device will be simply referred to as storage device) includes an interface 103, a control section 104, one or more NVM chips 105, and a DRAM (Dynamic Random Access Memory ) 110.
The NVM chip 105 described above includes NAND flash memory, phase change memory, feRAM (Ferroelectric RAM, ferroelectric memory), MRAM (Magnetic Random Access Memory, magnetoresistive memory), RRAM (Resistive Random Access Memory, resistive memory), and the like, which are common storage media.
The interface 103 may be adapted to exchange data with a host by way of, for example, SATA, IDE, USB, PCIE, NVMe, SAS, ethernet, fibre channel, etc.
The control unit 104 is used for controlling data transmission among the interface 103, the NVM chip 105 and the DRAM 110, and also for memory management, host logical address to flash physical address mapping, erase balancing, bad block management, etc. The control component 104 can be implemented in a variety of ways, such as software, hardware, firmware, or a combination thereof, for example, the control component 104 can be in the form of an FPGA (Field-programmable gate array, field programmable gate array), an ASIC (Application Specific Integrated Circuit, application-specific integrated circuit), or a combination thereof. The control component 104 may also include a processor or controller in which software is executed to manipulate the hardware of the control component 104 to process IO (Input/Output) commands. Control unit 104 may also be coupled to DRAM 110 and may access data of DRAM 110. FTL tables and/or cached data of IO commands may be stored in the DRAM.
The control section 104 issues a command to the NVM chip 105 in a manner conforming to the interface protocol of the NVM chip 105 to operate the NVM chip 105, and receives a command execution result output from the NVM chip 105. Known NVM chip interface protocols include "Toggle", "ONFI", and the like.
FTL (Flash Translation Layer ) is utilized in the storage device 102 to maintain mapping information from logical addresses (LBAs) to physical addresses. The logical addresses constitute the storage space of the solid state storage device as perceived by upper level software such as the operating system. The physical address is an address for accessing a physical storage unit of the solid state storage device. Address mapping may also be implemented in the related art using an intermediate address modality. For example, logical addresses are mapped to intermediate addresses, which in turn are further mapped to physical addresses. The table structure storing mapping information from logical addresses to physical addresses is called FTL table. FTL tables are important metadata in a storage device. The data items of the FTL table record address mapping relations in units of data units in the storage device.
Referring to fig. 1B, the control part includes a host interface 1041, a host command processing unit 1042, a storage command processing unit 1043, a medium interface controller 1044, and a storage medium management unit 1045. The host interface 1041 acquires an IO command provided by the host. The host command processing unit 1042 generates a storage command from the IO command and supplies the storage command to the storage command processing unit 1043. The store commands may access the same size of memory space, e.g., 4KB. The data unit of the data accessed by the corresponding one of the storage commands recorded in the NVM chip is referred to as a data frame. The physical page records one or more frames of data. For example, a physical page is 17664 bytes in size and a data frame is 4KB in size, and one physical page can store 4 data frames.
The storage medium management unit 1045 maintains a logical address to physical address conversion for each storage command. For example, the storage medium management unit 1045 includes FTL tables (FTL will be explained later). For a read command, the storage medium management unit 1045 outputs a physical address corresponding to a logical address (LBA) accessed by the storage command. For a write command, the storage medium management unit 1045 allocates an available physical address thereto, and records a mapping relationship of a logical address (LBA) to which it accesses and the allocated physical address. The storage medium management unit 1045 also maintains functions required to manage NVM chips, such as garbage collection, wear leveling, and the like.
The storage command processing unit 1043 operates the medium interface controller 1044 to issue a storage medium access command to the NVM chip 105 according to the physical address supplied from the storage medium management unit 1045.
With the increasing data storage technologies, solid state storage devices with large capacity are widely used, and in order to improve the security and independence of data, it is often necessary to store different types of data in relatively independent spaces or store data of different users in relatively independent spaces during use. In order to achieve the above-mentioned requirement of storing different types of data or different users' data in different namespaces, multiple namespaces (namespaces, NS) may be created in the solid-state storage device, that is, the memory space of the solid-state storage device is divided into multiple independent logical spaces, where each logical space is a Namespace. For a host, each namespace corresponds to an independent disk, i.e., is presented in the form of a disk, and its logical address is a continuous range; for solid state storage devices, each namespace contains several logical addresses, which may or may not be contiguous. In general, an SSD defaults to at least one namespace. A user may create namespaces for different features according to different needs, i.e. create several different namespaces on one SSD for the same or different users.
Disclosure of Invention
With the continuous improvement of data storage technology, in the use process of solid-state storage devices, besides considering that different types of data or data of different users are stored in different namespaces, safety and privacy of the data stored in each namespace need to be considered, for example, some namespaces are used for storing data which often need to be read and written, and other namespaces are used for storing important data which is not suitable for being read and written; even these types of data may change, for example, data that is originally required to be read and written frequently becomes data that is not suitable to be read and written, and data that is originally not suitable to be read and written becomes data that is required to be read and written. As another example, each user has a corresponding namespace to store data, and the user does not wish an unauthorized person to access or manage his own namespace. For another example, a user may wish to not only have access to or manage his or her own namespace, but also to have his or her own namespace in some cases in a display state to facilitate his or her own operation, and in other cases in a hidden state to avoid the person' s\35274. In view of this, in order to improve security and privacy of data corresponding to namespaces, it is necessary to provide a function of encrypting and managing each namespace, but in the existing NVMe protocol, namespaces and functions thereof are defined, and encryption and management functions for each namespace are not defined, so how to implement the encryption and management functions for each namespace is a problem to be solved.
In order to meet the above needs, one of the purposes of the present application is to provide a namespace-granularity encryption management function, that is, to set an independent encryption state (including a locked state and an unlocked state, for example) for each namespace, and in different encryption states, respond to the corresponding function, for example, in the locked state, the IO command cannot be processed, and in the unlocked state, the IO command can be processed. For another example, by using different encryption states, dynamic hiding of the namespaces can be realized, so that an operating system and a common user cannot see the namespaces in the locking state, and an administrator can see the namespaces in all states, thereby improving the safety of the storage device and reducing the probability of performing unauthorized operations by human intervention.
In addition, in the prior art, the storage space encryption key or decryption key is related to the set user password, and is generally changed along with adjustment of the user password. When data is already written in the namespace, the user password is changed for the data already written in the namespace (the user password is cancelled or a new user is set), the written data is read out and decrypted by the key corresponding to the user password before being changed to obtain decrypted data, and then the decrypted data is encrypted and stored in the namespace according to the key corresponding to the user password after being changed, and the operation is extremely time-consuming (possibly requiring several hours) because the capacity of the namespace can be very large (several TBs), so that poor user experience is caused. To address this problem, embodiments of the present application provide schemes that provide encryption and decryption functions for data in a namespace by breaking the association between a password and an encryption or decryption key, while meeting low latency requirements.
Still another object of the present application is to provide password management functionality for namespaces, i.e. to enable a user to set a password for one namespace, or to set the same or different passwords for different namespaces, thereby setting access and processing rights for namespaces, thereby improving security.
In addition, the method and the device utilize simpler predefined commands (different from NVMe protocol) to manage the namespaces and password, avoid adopting complex types of protocols and improve the efficiency of command processing.
Based on a first aspect of the present application, there is provided a method of managing namespaces according to the first aspect of the present application, comprising receiving a first command; in response to the first command indicating a first namespace, the first command is processed according to a state of the first namespace, and the state of the first namespace is changed or maintained.
Based on a second aspect of the present application, there is provided a method for encrypting and decrypting a key according to the first management Data of the second aspect of the present application, including obtaining first random Data (trng_data_2), a storage device identification code (chip ID), and second random Data (loc_trng_2), and obtaining an encryption key or a decryption key (last_rk) corresponding to one or more namespaces in a storage device according to the first random Data (trng_data_2), the storage device identification code (chip ID), and the second random Data (loc_trng_2); and responding to the user password for adjusting the name space, and keeping the encryption key or the decryption key corresponding to the name space unchanged.
According to the method for encrypting and decrypting the key by the first management data in the second aspect of the application, the method for encrypting and decrypting the key by the second management data in the second aspect of the application is provided, and the method further comprises the following steps: the encryption key or decryption key (last_rk) is stored in a buffer memory of the storage device.
According to the method for encrypting and decrypting the key by the first or second management data in the second aspect of the application, the method for encrypting and decrypting the key by the third management data in the second aspect of the application is provided, and the encryption keys or the decryption keys corresponding to any two namespaces in the storage device are different; or multiple namespaces in the storage device correspond to the same encryption key or decryption key.
According to the third method for managing data encryption and decryption keys in the second aspect of the application, a fourth method for managing data encryption and decryption keys in the second aspect of the application is provided, and user passwords corresponding to any two namespaces are the same; or the user passwords corresponding to the namespaces are different.
According to one of the methods for managing data encryption and decryption keys according to the first to fourth aspects of the present application, a method for managing data encryption and decryption keys according to the fifth aspect of the present application is provided, an IO command is received as a write command, a first namespace is indicated, and an encryption key corresponding to the first namespace is called to encrypt data to be written by the write command.
According to one of the methods for managing data encryption and decryption keys according to the first to fourth aspects of the present application, a method for managing data encryption and decryption keys according to the sixth aspect of the present application is provided, an IO command is received as a read command, a first namespace is indicated, and a decryption key corresponding to the first namespace is called to decrypt data read according to the read command.
According to one of the methods of encrypting and decrypting the data according to the first to sixth aspects of the present application, there is provided a method of encrypting and decrypting the data according to the seventh aspect of the present application, in response to receiving a plurality of IO commands indicating a plurality of first namespaces having the same encryption key or decryption key, encrypting or decrypting the data to be accessed by each IO command using the same encryption key or decryption key; or in response to receiving the plurality of IO commands indicating a plurality of first namespaces with different encryption keys or decryption keys, respectively calling the encryption key or the decryption key corresponding to each first namespace to encrypt or decrypt the data to be accessed by the corresponding IO command.
According to a method for encrypting and decrypting a key by using first management data in a second aspect of the application, a method for encrypting and decrypting a key by using eighth management data in the second aspect of the application is provided, a first naming space is indicated in response to receiving a password management command, user password management is performed on the first naming space according to the password management command, and the encryption key or decryption key of the first naming space is kept unchanged.
According to a method for encrypting and decrypting a key by eighth management data in a second aspect of the present application, there is provided a method for encrypting and decrypting a key by ninth management data in the second aspect of the present application, responding to the password management command to set a command for a password, setting a user password for the first namespace, and keeping the encryption key or decryption key of the first namespace unchanged.
According to an eighth method for managing data encryption and decryption keys in the second aspect of the application, a tenth method for managing data encryption and decryption keys in the second aspect of the application is provided, a user password of the first naming space is modified in response to the password management command being a password modification command, and an encryption key or a decryption key of the first naming space is kept unchanged.
According to an eighth method for managing data encryption and decryption keys in the second aspect of the application, a method for managing data encryption and decryption keys in the eleventh method for managing data encryption and decryption keys in the second aspect of the application is provided, a user password of the first naming space is deleted in response to the password management command being a password deletion command, and the encryption key or decryption key of the first naming space is kept unchanged.
According to a method for encrypting and decrypting a key by eighth management data in a second aspect of the present application, a method for encrypting and decrypting a key by twelfth management data in the second aspect of the present application is provided, the user password of the first namespace is authenticated in response to the password management command being a password authentication command, and the encryption key or the decryption key of the first namespace is kept unchanged.
According to a method for encrypting and decrypting a key by eighth management data in a second aspect of the present application, there is provided a method for encrypting and decrypting a key by thirteenth management data in the second aspect of the present application, in response to the password management command being a cancel authentication command, user password authentication on the first namespace is canceled, and the encryption key or decryption key of the first namespace is kept unchanged.
According to a method for encrypting and decrypting a key by using first management data in a second aspect of the application, a method for encrypting and decrypting a key by using fourteenth management data in the second aspect of the application is provided, a second naming space is created in response to receiving an NS creation command, and an encryption key or a decryption key is set for the second naming space, wherein the data encryption key is the same as or different from encryption keys or decryption keys of other naming spaces in a storage device.
According to one of the methods of encrypting and decrypting a key for first to fourteenth management Data according to the second aspect of the present application, there is provided a method of encrypting and decrypting a key for fifteenth management Data according to the second aspect of the present application, acquiring first random Data (trng_data_2), a storage device identification code (chip ID), and second random Data (loc_trng_2), including: the first random Data (trng_data_2), the memory device identification code (chip ID), and the second random Data (loc_trng_2) are acquired from the one-time programmable device.
According to one of the methods for encrypting and decrypting Data according to the first to fourteenth aspects of the present application, there is provided a method for encrypting and decrypting Data according to the sixteenth aspect of the present application, for obtaining an encryption key or a decryption key (last_rk) corresponding to one or more namespaces in a storage device according to the first random Data (trng_data_2), the storage device identification code (chip ID), and the second random Data (loc_trng_2), including: performing Hash operation on the first random Data (TRNG Data_2) to obtain a first Hash value (TRNG_Hash_2); performing Hash operation on the storage device identification code (chip ID) and the second random data (LOC_TRNG_2)) to obtain a second Hash value (loc_TID_hash); encrypting the first Hash value (trng_hash_2) and the second Hash value (loc_tid_hash) to obtain encryption keys or decryption keys (last_rk) corresponding to one or more namespaces.
Based on a third aspect of the present application, there is provided a method of first processing a command according to the third aspect of the present application, comprising: in response to obtaining a first read command to access a first namespace, wherein the first namespace is in an unlocked state, obtaining a first decryption key corresponding to the first namespace; and accessing the storage medium according to the first read command to obtain first ciphertext data, and decrypting the first ciphertext data by using the first decryption key to obtain first decrypted data serving as data to be read by the first read command.
According to a method for processing a command in a first aspect of the present application, a method for processing a command in a second aspect of the present application is provided, and in response to obtaining a first write command for accessing a first namespace, wherein the first namespace is in an unlocked state, a first encryption key corresponding to the first namespace is obtained; and encrypting the first plaintext data to be written in by the first write command according to the first encryption key, and writing the first encrypted data obtained after encryption into a storage medium.
According to a method for processing a command in a first or second aspect of the present application, there is provided a method for processing a command in a third aspect of the present application, in response to obtaining a second read command accessing a second namespace, wherein the second namespace is in an unlocked state, obtaining a second decryption key corresponding to the second namespace, wherein the second decryption key is the same as or different from the first decryption key; and accessing the storage medium according to the second read command to obtain second ciphertext data, and decrypting the second ciphertext data by using the second decryption key to obtain second decrypted data serving as data to be read by the second read command.
According to a third method of processing commands in a third aspect of the present application, there is provided a fourth method of processing commands in a fourth aspect of the present application, in response to obtaining a second write command accessing a second namespace, wherein the second namespace is in an unlocked state, obtaining a second encryption key corresponding to the second namespace, wherein the second encryption key is the same as or different from the first encryption key; and encrypting the second plaintext data to be written in by the second writing command according to the second encryption key, and writing the second encrypted data obtained after encryption into a storage medium.
According to one of the methods of processing commands from the first to fourth aspects of the present application, there is provided a method of processing commands from the fifth aspect of the present application, the first decryption key being the same as or different from the first encryption key; the second decryption key may be the same as or different from the second encryption key.
According to one of the methods of processing commands from the first to the fifth of the third aspect of the application, there is provided the method of processing commands from the sixth of the third aspect of the application, in response to acquiring the first read command or the first write command, wherein the first namespace is in a password unlocked state or a locked state, generating first feedback information that fails to access the first namespace, and transmitting the first feedback information to the host.
According to a method for processing a command in a sixth aspect of the present application, a method for processing a command in a seventh aspect of the present application is provided, and in response to obtaining a first user password input by a user and the first read command, the first namespace is in a password unlock state, a first password key corresponding to the first namespace is obtained, and verification is performed on the first user password according to the first password key; and decrypting the first ciphertext data with the first decryption key to obtain the first decrypted data in response to passing the verification.
According to a seventh method of processing a command according to the third aspect of the present application, there is provided the method of processing a command according to the eighth aspect of the present application, generating the first feedback information in response to failing the verification, and transmitting the first feedback information to a host.
According to a seventh command processing method of a third aspect of the present application, there is provided a command processing method according to a ninth aspect of the present application, in response to acquiring the first user password and the first write command, wherein the first namespace is in a password unlocked state, acquiring the first password key, and verifying the first user password according to the first password key; and in response to passing the verification, encrypting the first plaintext data according to the first encryption key to obtain the first encrypted data, and writing the first encrypted data into a storage medium.
According to a ninth method of processing a command according to the third aspect of the present application, there is provided the method of processing a command according to the tenth aspect of the present application, generating the first feedback information in response to failing the verification, and transmitting the first feedback information to a host.
According to one of the first to tenth command processing methods of the third aspect of the present application, there is provided the command processing method of the eleventh aspect of the present application, wherein in response to acquiring the second read command or the second write command, the second namespace is in a password unlocked state or a locked state, second feedback information that fails to access the second namespace is generated, and the second feedback information is sent to the host.
According to one of the eleventh command processing methods of the third aspect of the present application, there is provided the command processing method according to the twelfth aspect of the present application, in response to obtaining a second user password input by a user and the second read command, wherein the second namespace is in a password unlock state, obtaining a second password key corresponding to the second namespace, and verifying the second user password according to the second password key; and in response to passing the verification, decrypting the second ciphertext data with the second decryption key to obtain the second decrypted data.
According to a twelfth method of processing a command according to the third aspect of the present application, there is provided the method of processing a command according to the thirteenth aspect of the present application, generating the second feedback information in response to failing the verification, and transmitting the second feedback information to the host.
According to an eleventh command processing method of the third aspect of the present application, there is provided a method of the fourteenth command processing method of the third aspect of the present application, in response to acquiring the second user password and the second write command, wherein the second namespace is in a password unlocked state, acquiring the second password key, and verifying the second user password according to the second password key; and in response to passing the verification, encrypting the second plaintext data according to the second encryption key to obtain the second encrypted data, and writing the second encrypted data into a storage medium.
According to a fourteenth method of processing a command according to the third aspect of the present application, there is provided the method of processing a command according to the fifteenth aspect of the present application, generating the second feedback information in response to the verification being failed, and transmitting the second feedback information to the host.
According to one of the first to fifteenth methods of processing commands according to the third aspect of the present application, there is provided the method of sixteenth processing commands according to the third aspect of the present application, the first password key being the same as or different from the second password key.
According to a sixteenth method of processing commands in a third aspect of the present application, there is provided a seventeenth method of processing commands in a third aspect of the present application, the first password key being identical to the second password key in response to the first namespace and the second namespace both being in a password-free unlocked state; responsive to one of the first namespace and the second namespace being in a password-free unlocked state, the other being in a password-unlocked state, the first password key and the second password key being different; responding to the first and second namespaces in a password unlocking state, wherein the user passwords corresponding to the first and second namespaces are the same, and the first password key is the same as the second password key; and responding to the first and second namespaces in a password unlocking state, wherein the user passwords corresponding to the first and second namespaces are different, and the first password key is different from the second password key.
According to one of the methods of processing commands from the first to seventeenth aspects of the present application, there is provided the method of processing commands according to the eighteenth aspect of the present application, in response to acquiring a password management command for managing a first namespace, wherein the first namespace is in an unlocked state, setting a user password for the first namespace, modifying the user password, or deleting the user password according to the password management command, and keeping the first encryption key or the first decryption key unchanged.
According to an eighteenth command processing method of the third aspect of the present application, there is provided the nineteenth command processing method according to the third aspect of the present application, in response to obtaining the password management command, wherein the first namespace is in an unlocked state, password authentication is canceled for the first namespace according to the password management command, and the first encryption key or the first decryption key is kept unchanged.
According to an eighteenth or nineteenth method for processing commands according to the third aspect of the present application, there is provided the twentieth method for processing commands according to the third aspect of the present application, in response to acquiring the password management command, wherein the first namespace is in a locked state, password authentication is performed for the first namespace according to the password management command, and the first encryption key or the first decryption key is kept unchanged.
According to a method for processing commands from the first to twenty in a third aspect of the present application, there is provided a method for processing commands from the twenty first in a third aspect of the present application, identifying data to be recovered according to the garbage collection command in response to obtaining the garbage collection command, and allocating a corresponding storage space for the data to be recovered, and moving the data to be recovered to the storage space, wherein the data to be recovered is directly moved without performing encryption or decryption.
Based on a fourth aspect of the present application, there is provided a first controller according to the fourth aspect of the present application, the controller comprising a host interface and processing circuitry for interacting with a host; the processing circuit is configured to implement one of the methods of managing data encryption and decryption keys as in the second aspect of the present application, or one of the methods of processing commands as in the third aspect of the present application.
According to a first controller of a fourth aspect of the present application, there is provided a second controller of the fourth aspect of the present application, the processing circuit comprising a host command processing unit and a storage command processing unit; the host command processing unit is used for analyzing the first command and indicating the storage command processing unit according to the analysis result; the storage command processing unit is used for executing the operation corresponding to the first command according to the instruction and changing or maintaining the state of the first naming space. The controller for encrypting and decrypting the key according to the second management data in the third aspect of the application provides the controller for encrypting and decrypting the key according to the third management data in the third aspect of the application, and the operation indicated by the first command comprises: a data moving operation, a namespace management operation and a namespace password management operation.
According to one of the first to third controllers of the fourth aspect of the present application, there is provided the fourth controller according to the fourth aspect of the present application, the controller further comprising an encryption unit and a decryption unit for encrypting and decrypting the data.
Based on a fifth aspect of the present application, there is provided a storage device according to the fifth aspect of the present application, including a storage medium and a controller for implementing one of the methods of managing data encryption and decryption keys as in the second aspect of the present application, or one of the methods of processing commands as in the third aspect of the present application.
Drawings
For a clearer description of embodiments of the present application or of the solutions of the prior art, reference will be made below to the accompanying drawings, which are used in the description of embodiments or of the prior art, it being obvious that the drawings in the description below are only some embodiments described in the present application, from which other drawings can also be obtained for a person skilled in the art;
FIG. 1A is a block diagram of a prior art solid state storage device;
FIG. 1B is a schematic diagram of a prior art control component;
FIG. 2 is a flow chart of a method of managing namespaces according to an embodiment of the present application;
FIG. 3 is a flow chart of a method of processing IO commands in accordance with an embodiment of the present application;
FIG. 4 is a controller block diagram of processing NVMe read commands according to an embodiment of the present application;
FIG. 5 is a controller block diagram of processing NVMe write commands according to an embodiment of the present application;
FIG. 6 is a flow chart of a method of processing NS management commands according to an embodiment of the application;
FIG. 7 is a controller block diagram of processing NS management commands according to an embodiment of the application;
FIG. 8 is a flow chart of a method of processing password management commands according to an embodiment of the present application;
FIG. 9 is a namespace state migration diagram;
FIG. 10 is a block diagram of a controller that processes password management commands according to an embodiment of the present application;
FIG. 11 is a flow chart of a method of processing a first display command according to an embodiment of the present application;
FIG. 12 is a flow chart of a method of processing a second display command according to an embodiment of the present application;
FIG. 13 is a namespace state change diagram in an application scenario;
FIG. 14 is a namespace state change diagram in another application scenario;
FIG. 15 is a namespace state change diagram based on display commands;
FIG. 16 is a namespace state change diagram based on NS management commands and password management commands;
FIG. 17a is a flow chart of a method for managing encryption and decryption keys according to an embodiment of the present application;
FIG. 17b is a flow chart of a method for generating a data encryption and decryption key according to an embodiment of the present application;
fig. 18 is a schematic diagram of a data encryption and decryption key and password key generation relationship according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application, taken in conjunction with the accompanying drawings, clearly and completely describes the technical solutions of the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
Fig. 2 illustrates a method for managing namespaces (namespaces) according to an embodiment of the present application, including step S101, step S102, and step S103, which are described in detail below.
Step S101, a first command is received. Referring to FIG. 1B, the first command is a host command from host interface 1041. The first command includes an NVMe command conforming to an NVMe protocol, an NS management command for managing a namespace, and a password management command for managing a namespace password. The specific manner of handling these commands will be described in detail below.
Step S102, in response to the first command indicating the first namespace, the first command is processed according to the state of the first namespace. For example, the first command indicates that the first namespace may be: the first command includes a parameter that identifies identity information of a namespace to be accessed or managed by the first command. Herein, a parameter such as NS ID is used, and NS ID corresponding to each namespace is globally unique, so that one namespace can be uniquely identified by NS ID. That is, in response to the first command containing one or more NS IDs, i.e., indicating that the first command is to access or manage one or more namespaces; the host command processing unit 1042 may further execute the first command.
By way of example, not only does each namespace created on an SSD have an NSID, but different namespaces may have the same or different states. After each power-up of the SSD, the SSD determines the state of each namespace by running firmware and stores the state of each namespace in a cache, e.g., by recording the relationship between each namespace NSID and state through a namespace state table containing a plurality of entries, each entry recording the relationship between one namespace NS ID and state.
Step S103, changing or maintaining the state of the first namespace. As an example, after receiving the first command sent by the host, the control unit determines the NSID of at least one namespace to be accessed or managed by the first command, and queries the corresponding state according to the NSID of each namespace. The execution of the first command is related to the state of the namespace, for example, if the first command is an IO command, the IO command can be executed only when the namespace is in a specific state, and the IO command cannot be executed in other states. Changing or maintaining the state of the first namespace according to the processing result of the first command, if the first command is executed, changing the state of the first namespace from one state to another state; if the first command is not executed, the state of the first namespace is maintained unchanged. For example, the state of the first namespace is kept unchanged when IO commands are processed, so that execution of subsequent IO commands is not affected; for example, when the authentication cancellation command is executed, the state of the first namespace is changed to be a locked state, so that the first namespace is locked and cannot be accessed by data.
It is noted above that the first command comprises an NVMe command, wherein the NVMe command in turn comprises a command for accessing a namespace for data movement between the host and the SSD. The processing procedure of the IO command will be described in detail below. Fig. 3 illustrates a method for managing namespaces according to an embodiment of the present application, including step S201, step S202, step S203, and step S204, which are described in detail below.
In step S201, an IO command is received. For example, an IO command from a host may be received via host interface 1041, the IO command indicating a first namespace to be accessed by the host, e.g., the IO command may contain an NS ID of the namespace to be accessed.
Step S202, query the state of the first namespace. For example, according to the NS ID included in the IO command in step 201, the state corresponding to the NS ID is queried in the namespace state table. In one embodiment, the namespace state table is shown in Table 1.
TABLE 1
Entries NSID Status of
Item 0 NS0 Unlocking the device
Item
1 NS1 Locking
The namespace state table in table 1 includes two entries, namely entry 0 and entry 1, each entry including two columns, one for recording the NS ID and the other for recording the state of the namespace corresponding to the NS ID. For example, the state of the namespace includes both unlocked and locked, entry 0 records the state of the namespace NS0, entry 1 records the state of NS1, wherein the state of the namespace NS0 recorded by entry 0 is the unlocked state and the state of the namespace NS1 recorded by entry 1 is the locked state. Herein, for the sake of simplicity, the "state of a namespace is an unlocked state" is also referred to as "namespace is an unlocked state" and the "state of a namespace is a locked state" is also referred to as "namespace is a locked state".
In step S203, in response to the state of the first namespace being the unlocked state, an IO command is executed to move data in the physical address space corresponding to the first namespace. For example, for a read command, data is moved from the NVM to the host; for write commands, data is moved from the host to the NVM. In response to the state of the first namespace being a non-unlocked state, e.g., a locked state, the IO command is not executed, and a notification of failure in processing the IO command, e.g., a notification of a permission error, may be returned to the host interface. For example, if the current IO command indicates the namespace NS0, the namespace NS0 is unlocked according to Table 1, so the current IO command continues to be executed; if the current IO command indicates the namespace NS1, NS1 is in a locked state according to Table 1, so the IO command is not executed. Based on this, the user can protect the namespace by setting the state of the namespace to a locked state, making it inaccessible to unauthorized persons.
Step S204, the state of the first namespace is kept unchanged, namely the information of the corresponding entry in the namespace state table is kept unchanged.
The above method of processing NVMe commands is further described below in conjunction with the controller architecture. FIG. 4 illustrates a controller managing namespaces for handling read commands in accordance with an embodiment of the present application; the device comprises a host interface, a host command processing unit, a storage command processing unit, a medium interface controller, a decryption unit and a DMA transmission unit. Also shown in FIG. 4 for ease of understanding are a host, DRAM, and off-chip memory (herein, off-chip memory refers to data memory external to the controller). The contents illustrated in fig. 4 may be understood in conjunction with fig. 1B.
The host interface sends an NVMe (read) command to the host command processing unit, denoted as procedure (1.1). After receiving the NVMe command and performing a preliminary determination (for example, determining that the NVMe command is a command related to a namespace, this process belongs to the prior art and is not shown in the drawing), the host command processing unit sends the NVMe command to the NS state determining unit, queries a namespace state table in the DRAM, and queries a state of a namespace corresponding to the namespace NS ID indicated by the read command. For example, the current NVMe command indicates the namespace NS1, then according to the namespace state table (as shown in fig. 4), the namespace NS1 is in a locked state, and then the permission error information is returned to the host through the host interface, which is denoted as a procedure (1.9). If the current NVMe command indicates a namespace NS0, then the namespace NS0 is in an unlocked state according to the namespace state table (as shown in fig. 4), and then execution of the NVMe command continues. The NVMe command enters an NVMe command parsing unit, denoted as procedure (1.2). The NVMe command parsing unit parses the NVMe command, determines that the NVMe command is a read command, and then further processes the read command, for example, performs address parsing according to the read command, generates a DMA command, etc. (these read command processing procedures are in the prior art and are not shown in the figure). The NVMe command parsing unit also informs the data read/write control unit of the storage command processing unit in the form of a storage command, denoted as a procedure (1.3). The data read/write control unit processes the storage command and interacts with the media interface controller, denoted as procedure (1.4). The data read/write control unit also instructs the key management unit to obtain the decryption key of the namespace indicated by the read command, denoted as procedure (1.5); the key management unit then sends the decryption key to the decryption unit, denoted as procedure (1.6). For example, the read command indicates the namespace NS0, and when reading the data of the namespace NS0, a decryption key of the namespace NS0 is also acquired accordingly, and the decryption unit decrypts the data read from the namespace NS0 based on the decryption key. The media interface controller performs data movement to move data from the off-chip memory to the DRAM. The DMA transfer unit executes the DMA command to move the data decrypted by the decryption unit to the host memory through the host interface, and the processes are represented as (1.7) and (1.8).
As can be seen from the above process, the data stored in the storage medium is encrypted; the key management unit and the decryption unit are used for acquiring the key and decrypting the data, so that the security of the data is ensured.
The processing of the read command is described above and the processing of the write command is described below. FIG. 5 illustrates a controller managing namespaces for handling write commands in accordance with an embodiment of the present application. The differences between fig. 5 and fig. 4 include, among others, an encryption unit for encrypting data from a host.
The host interface sends an NVMe (write) command to the host command processing unit, denoted as procedure (2.1). The host command processing unit receives the NVMe command, and the NS state judging unit inquires a namespace state table in the DRAM, and inquires a state of a namespace corresponding to an NS ID of the NVMe command. For example, the current NVMe command indicates NS1, then according to the namespace state table (as shown in fig. 5), the namespace NS1 is in a locked state, and then a permission error message is returned to the host through the host interface, denoted as procedure (2.9). If the current NVMe command indicates NS0, then the namespace NS0 is in the unlocked state according to the namespace state table (as shown in fig. 5), then the NVMe command continues to be executed. The NVMe command enters an NVMe command parsing unit, denoted as procedure (2.2). The NVMe command analysis unit analyzes the NVMe command and judges the NVMe command as a write command. The NVMe command parsing unit also informs the data read/write control unit of the storage command processing unit in the form of a storage command, denoted as a procedure (2.3). In one aspect, the data read/write control unit instructs the key management unit to obtain the encryption key of the namespace indicated by the write command, denoted as procedure (2.4). For example, the write command indicates the namespace NS0, the key management unit obtains the encryption key of the namespace NS 0. The key management unit sends the encryption key to the encryption unit, denoted as procedure (2.5). On the other hand, the DMA transfer unit executes a DMA command to move data from the host into the DRAM, denoted as process (2.6); the DMA transfer unit interacts with the encryption unit, indicated as process (2.7), to cause the encryption unit to encrypt data transferred by the DMA transfer unit into the DRAM. On the other hand, the data read/write control unit transmits one or more media interface commands, denoted as a procedure (2.8), to the media interface controller; finally, the media interface controller moves the encrypted data in the DRAM further into the off-chip memory NAND Flash according to the media interface command, denoted as process (2.9). Wherein the encryption unit encrypts the data in order to secure the data. The encryption keys for different namespaces may be different and thus require a key management unit for key management.
By way of example, the encryption key and decryption key for a namespace may be the same or different.
The NS state determining unit, the NVMe command parsing unit, the data read/write control unit, the key management unit, the decryption unit, the encryption unit, and the like in fig. 4 and 5 may be implemented by hardware or software, which is not limited in this application. Also, although the host command processing unit and the storage command processing unit are distinguished in fig. 4 and 5, in some embodiments, the NS state judging unit, the NVMe command parsing unit, the data read/write control unit, the key management unit, and the like may be independently implemented by the host command processing unit or the storage command processing unit, which is not limited in this application.
The manner of processing IO commands based on NVMe protocol is described above, and NS management commands are described next. The NS management command includes an NS creation command and an NS deletion command. Unlike NVMe commands, NS management commands are custom commands that can be custom by the controller designer.
Fig. 6 illustrates a method of processing NS management commands according to an embodiment of the present application. By way of example, the NS management command includes an NS creation command and an NS deletion command, and for ease of understanding, the processing procedures of the NS creation command and the NS deletion command are briefly described below, respectively.
(1) For the received NS management command, a command is created for the NS, and the processing procedure is as follows:
in step S301, an NS management command is received, where the NS management command includes an NS creation command and an NS deletion command.
In step S302, the current NS management command does not indicate the first namespace, which indicates that the current command creates a command for the NS. That is, the NS creation command is characterized in that a certain namespace is not indicated in the NS creation command, or that there is no parameter of NS ID in the NS creation command. The reason is that the namespaces have not been established and the corresponding NS IDs have not been assigned.
In step S303, a namespace is created, including assigning an NS ID of the namespace, creating a corresponding second namespace according to the NS ID, and recording a correspondence between a logical address of the second namespace and the NS ID thereof.
In step S304, the state of the created namespace is recorded, for example, the created namespace is recorded as an unlocked state. Specifically, the unlocked state can be further classified into a password-less unlocked state and a password-unlocked state. In one embodiment, the namespace state table is shown in Table 2.
TABLE 2
Entries NSID Status of
Item 0 NS0 Password-free unlocking (S0)
Item 1 NS1 Unlocking with password (S1)
Item 2 NS2 With password lock (S2)
The namespace state table in table 2 includes three entries, namely an entry 0, an entry 1 and an entry 2, each entry includes two columns, one column is used for recording the NS ID, the other column is used for recording the state of the namespace corresponding to the NS ID, and the states of the namespaces include three states, namely a no-password unlocked state, a password unlocked state and a password locked state. Entry 0 records the state of namespace NS0, entry 1 records the state of namespace NS1, and entry 2 records the state of namespace NS 2. The state of the namespace NS0 recorded in the entry 0 is a password unlock state, the state of the namespace NS1 recorded in the entry 1 is a password unlock state, and the state of the namespace NS2 recorded in the entry 2 is a password lock state. For easy identification, the password-free unlocking state is marked as S0, the password-free unlocking state is marked as S1, and the password-free locking state is marked as S2; hereinafter, the password-locked state is also simply referred to as a locked state.
Since the newly created namespace has not yet been password set by the user, its state can be set to the password-free unlocked state. The namespaces without password unlock state may have default passwords set by the system, while the namespaces with password unlock state and password lock state have user passwords set by the user.
In step S305, in response to the namespace creation being successful, a default password is assigned to the newly created namespace. The default password is self-contained in the system and is different from the user password set by the user.
(2) For the received NS management command being an NS delete command, the processing procedure is as follows:
in step S402, the first command is parsed, and it is determined that the first command is an NS deletion command indicating the first namespace, that is, the NS deletion command includes the NS ID of the namespace to be deleted.
Step S403, query the state of the first namespace.
Step S404, verifying the password input by the user, and executing step S405 after the verification is successful.
Step S405, deleting or reserving the first namespace according to the state of the first namespace.
For example, the current NS delete command indicates the namespace NS0, and as can be seen from table 2, the namespace NS0 is in the password-free unlocked state, and the namespace NS0 is deleted.
For another example, when the current NS delete command indicates the namespace NS1, and the namespace NS1 is in the password unlocked state as shown in table 2, the user password of the namespace NS1 is deleted while deleting the namespace NS 1.
For another example, the current NS delete command indicates the namespace NS2, and as can be seen from table 2, the namespace NS2 is in a password locked state, and the locked state namespace cannot be deleted, so the NS delete command is not processed.
Based on this, for namespaces in the unlocked state, the NS delete command can be successfully executed; for namespaces in the locked state, the NS delete command fails to execute. In order to facilitate the user to know the execution condition of the NS deletion command, the host may further feed back the prompt information of success or failure of NS deletion. Of course, the user may be notified in other ways, for example, using a first display command to be described later.
In one embodiment, the password authentication in step S404 includes: matching a first password entered by a user with a second password of a stored first namespace, wherein the second password is a default password (for namespaces without password unlocked state) or a user password (for namespaces with password unlocked state); if the first password is successfully matched with the second password, indicating that the operation is an operation of the authorized user, continuing to execute the step S405; if the first password fails to be matched with the second password, the operation of an unauthorized user is indicated, the execution of the NS deleting command is stopped, and the information of authority errors is returned. In one application scenario, multiple verification opportunities may be set, and the first namespace is locked in the event that none of the multiple verifications is successful, prohibiting further operations on the first namespace.
For example, if the password verification in step S404 is required, the first password for performing the password verification may be carried on the NS delete command (as a parameter of the NS delete command), or another command transmitted by the host simultaneously or after the transmission of the NS delete command may be used, and the first password is carried by the command, which is not limited herein.
The above method of handling NS management commands is further described below in conjunction with the controller architecture. FIG. 7 illustrates a controller for managing namespaces for handling NS management commands according to an embodiment of the present application. In which the same parts as in fig. 4 and 5 are not described in detail. The password authentication unit is indicated by a dashed box, meaning that the password authentication unit is an optional unit. In addition, in addition to being implemented in the host command processing unit, in other embodiments the password verification unit may also be implemented in the storage command processing unit. The password verification unit and the NS state judgment unit may be implemented by hardware or software, which is not limited in this application.
For NS creation commands, NS creation commands received from the host are forwarded to the host command processing unit through the host interface, denoted as procedure (3.1). The host command processing unit directly forwards the NS creation command to the storage command processing unit, denoted as procedure (3.3); the storage command processing unit creates a namespace according to the NS management command, including: an NS ID is distributed, the corresponding relation between the NS ID and the logical address of the name space is recorded, the state of the created name space is determined, and the password of the name space is set as a default password. After the processing is completed, the storage command processing unit synchronizes the information of the created namespace including the size of the namespace, NSID, and the like to the host command processing unit, and represents a procedure (3.5). In one embodiment, the store command processing unit may implement the modification of the namespace state by updating one or more entries in the namespace state table in DRAM, as shown in FIG. 7, after creation of the NS is complete, an entry 3 may be added to the namespace state table, the entry 3 containing the NSID and state of the newly created namespace, e.g., the newly created namespace is "NS3, no password unlocked state", denoted as procedure (3.4).
For NS delete commands, the NS delete command received from the host is forwarded to the host command processing unit through the host interface, denoted as procedure (3.1). The NS state judging unit inquires a namespace state table in the DRAM and inquires the state of a namespace corresponding to the NS ID of the NS deleting command. For example, if the current NS delete command indicates the namespace NS2, then the namespace state table is queried (as shown in fig. 7), and if the namespace NS2 is in a locked state, then a status error notification message is returned to the host through the host interface, denoted as process (3.9). If the current NS delete command indicates NS3, then consulting a namespace state table (as shown in fig. 7), knowing that the namespace NS3 is in a password-free unlocked state, then the host command processing unit forwards the NS delete command to the storage command processing unit, denoted as process (3.3); the storage command processing unit deletes the namespace according to the NS delete command while deleting the corresponding entry in the namespace state table, e.g., the last entry 3"NS3 no password unlock (S0)" in the delete table, denoted as procedure (3.4). In one embodiment, after processing is complete, the storage command processing unit may also synchronize information about the namespace deletions to the host command processing unit, denoted as procedure (3.5).
As also shown in fig. 7, the password verification unit is configured to verify a password input by a user when the NS deletion command is executed, and to feed back prompt information to the host through the host interface according to a result of the verification, for example, if the verification is successful, continue to execute the NS deletion command and feed back prompt information that the verification is successful, and if the verification is failed, stop executing the NS deletion command and feed back prompt information that the verification is failed. In fig. 7, the NS state judgment unit and the password verification unit belong to a host command processing unit, and in other embodiments, these modules may be implemented independently by a storage command processing unit, or separately by the host command processing unit and the storage command processing unit.
The above describes the manner in which NS management commands are handled, and the password management commands are described next. The password management command includes: a password setting command, a password modification command, a password deletion command, a password authentication command, and a cancel authentication command. Password management commands are also custom commands. Fig. 8 illustrates a password management command processing method according to an embodiment of the present application. As shown in fig. 8, the processing flow of the password management command includes steps S501 to S508, and is described in detail below.
Step S501, a password management command is received from the host. The password administration command also indicates that the first namespace, i.e., the password administration command contains an NS ID. For example, a password management command indicates NS0, and the namespace that indicates that the password management command is to manage is namespace NS0.
Step S502, query the state of the first namespace. Such as from a namespace state table. Depending on the state of the first namespace, the jump proceeds to step S503 or step S506.
In this case, the process goes to step S503, and in response to the state of the first namespace being an unlocked state, a password is set for the first namespace, modified, deleted, or password authentication is canceled. Step S504 is then performed to perform password authentication, i.e. to authenticate the user password of the first namespace, and specific password authentication operations may refer to step S404 in fig. 6. Finally, step S505 is executed to change or maintain the state of the first namespace.
In another case, the process goes to step S506, and in response to the state of the first namespace being a locked state, password verification is performed for the first namespace, so as to unlock the first namespace. It should be noted that "password authentication" and "password authentication" are not the same concept herein, for example, "password authentication command" is a password management command, and "password authentication" is a step of verifying a user password required by the password authentication command. Step S507 is then performed to verify the user password of the first namespace, and specific password verification operations may refer to step S404 in fig. 6. Finally, step S508 is performed to change the state of the first namespace in response to the password verification passing.
As shown in fig. 8, step S503 and step S506 are parallel steps, and have no precedence relationship. The step S504 uses a dashed box to indicate that the password authentication step of step S504 is not necessary for all password management commands. For example, the cancel password authentication command, the password deletion command, and the password modification command may configure the step of password authentication. The password setting command may omit the step of configuring password authentication. Specifically, the selection may be made according to business logic. Step S507 employs a solid line box indicating that the password authentication command requires password authentication. In addition, in other embodiments, step S504 and step S507 may be performed before step S502, i.e., password verification is performed first, and then the state of the first namespace is queried. The operation of changing the state of the first namespace in step S505 and step S508 may be performed after the execution of the corresponding password management command is completed, or may be performed when the corresponding password management command is executed.
Querying the state of the first namespace in step S502, and changing or maintaining the state of the first namespace in step S506 and step S507 indicates that: the states of the namespaces are different, and the password management commands which can be responded are also different; or executing different password management commands, the required namespace states are different. In one embodiment, the password management command includes: a password setting command, a password modification command, a password deletion command, a password authentication command, and a cancel authentication command. To reveal the migration change law of the state of the namespaces, fig. 9 shows a state migration diagram of the namespaces.
As shown in fig. 9, the first namespace is created to be in a password-free unlocked state (S0) in which a user password can be set by a user in response to a password setting command. After setting the user password, the first naming space is in a password unlocking state (S1), and can respond to a password modification command and a password deletion command in the password unlocking state; after modifying the password, the first namespace still maintains a password unlocked state (S1); after deleting the password, the first namespace transitions to a no password unlocked state (S0).
In addition, in the password unlocked state (S1), the first namespace is also capable of transitioning the state of the first namespace from the password unlocked state (S1) to the password locked state (S2) in response to a deauthentication command for locking the first namespace. In the locked state, the first namespace is capable of responding to a password authentication command and transitioning the first namespace from the password locked state (S2) to the password unlocked state (S1) after password authentication is passed.
In one embodiment, the password-free unlocked state (S0) and the password-unlocked state (S1) are collectively referred to as an unlocked state in which the first namespace is capable of responding to the IO command and NS management command described above. In the locked state (S2), the first namespace cannot respond to the IO command and the NS management command described above, and the first namespace must be in the unlocked state by the password authentication command to be able to respond to the IO command, the NS management command, and other password management commands. The meaning is that by locking the first namespace, the first namespace can be made to not accept unauthorized operations.
Describing the example of table 2, for example, the current password management command is a password setting command indicating the namespace NS0, and if it is found that the state of the namespace NS0 is the password unlock-free state according to step S502, the password input by the user is set as the user password of the namespace NS0 in response to the password setting command in step S504. In step S505, the state of NS0 is changed to the password unlocked state.
For another example, the current password management command is a password setting command, indicating the namespace NS1, and according to step S502, the state of the namespace NS1 is queried as the password unlocked state. According to the state transition diagram shown in fig. 9, the password unlock state cannot respond to the password set command, and therefore does not respond to the password set command, and at this time, a prompt message of a state error can be fed back to the host.
For another example, if the current password management command is a password modification command and indicates the namespace NS1, in step S502, it is queried that the state of the namespace NS1 is a password unlocked state, and in response to the password modification command, in step S503, a new user password is set for the namespace NS1 to replace the old user password according to the state transition diagram shown in fig. 9. In step S505, the state of the holding namespace NS1 is the password unlocked state.
If the current password management command is a password deletion command and indicates the namespace NS1, in step S502, the state of the namespace NS1 is queried to be the password unlocked state, and in step S503, the user password of the namespace NS1 is deleted in response to the password deletion command according to the state transition diagram shown in fig. 9. In step S505, the state of the namespace NS1 is changed to the password-free unlocked state.
In another example, the current password management command is a password deletion command, indicating the namespace NS0, and in step S502, the state of the namespace NS0 is queried to be the password-free unlocked state. According to the state transition diagram shown in fig. 9, the password-free unlocked state cannot respond to the password deletion command, and therefore does not respond to the password deletion command, and at this time, a prompt message of a state error can be fed back to the host.
For another example, the current password management command is a password authentication command, indicating the namespace NS2, and in step S502, the state of the namespace NS2 is queried as the locked state, and in response to the password authentication command in step S506 according to the state transition diagram described in fig. 9, when the password authentication is passed, in step S508, the state of the namespace NS2 is changed to the password unlocked state. That is, changing the state of one namespace from the locked state to the unlocked state is the result of responding to a password authentication command.
Also, for example, the current password management command is a cancel authentication command, indicating the namespace NS1, and in step S502, the state of the namespace NS1 is queried as the password unlocked state, and in response to the cancel authentication command in step S503, the state of the namespace NS1 is changed to the locked state in step S505 according to the state transition diagram described in fig. 9. That is, changing the state of one namespace from the unlocked state to the locked state is a result of responding to a deauthentication command.
The conditions required for executing the password setting command are: the state of the name space indicated by the method is a password-free unlocking state; the conditions required to execute the password modification command and the password deletion command are: the state of the name space indicated by the method is a password unlocking state; the conditions required to execute the password authentication command are: the state of the namespace indicated by it is a locked state; the conditions required to execute the cancel authentication command are: the state of the namespace indicated by it is the password unlocked state. If the current state of the naming space can not meet the conditions for executing the password management commands, a prompt message of failure in command execution can be returned to the host.
In the step of password verification, the second password input by the user is matched with the stored first password in response to the password management command being a password modification command, if the matching is successful, the password is indicated as an authorized user, and then the first password is updated according to a new password input by the user. Wherein the first password is a user password set by the user.
In one embodiment, the namespace in the no password unlocked state still has a default password. In the step of password verification, the second password input by the user is matched with the stored first password in response to the password management command being a password deletion command, if the matching is successful, the password is indicated as an authorized user, and then the first password is updated to be a default password.
FIG. 10 illustrates an apparatus for managing namespaces for handling password management commands in accordance with an embodiment of the present application.
As shown in fig. 10, a password management command from the host is received through the host interface and forwarded to the host command processing unit, denoted as procedure (4.1). An NS state judgment unit in the host command processing unit inquires a name space state table in the DRAM, and if the password management command does not match with the name space state indicated by the password management command, state error information is returned to the host through a host interface and is represented as a process (4.9). Whether there is a match or not can be determined according to the state transition diagram of fig. 9, for example, the password setting command indicates the namespace NS1, and since the namespace NS1 is not in the password unlock state, the password setting command does not match the state of the namespace indicated by the password setting command, and the host command processing unit returns a state error message to the host through the host interface.
If the password administration command matches the namespace state indicated by it, further optionally, the password entered by the user is verified by a password verification unit. If the verification is not passed, the authority error information is returned to the host through the host interface. Similar to the foregoing, the password authentication unit is an optional unit, indicated by a broken line; in other embodiments, the password verification unit may be implemented in the storage command processing unit.
The host command processing unit forwards the password management command to the storage command processing unit, denoted as process (4.3), and the storage command processing unit processes the password management command, changing or maintaining the state of the namespaces in the namespace state table in the DRAM, denoted as process (4.4). In one embodiment, after the storage command processing unit processes, the relevant information of the namespace is also synchronized to the host command processing unit, denoted as procedure (4.5). For example, when the cancel authentication command is executed, the corresponding namespace becomes locked, and the storage command processing unit sends a notification that the corresponding namespace state becomes locked to the host command processing unit.
The above describes the processing method and apparatus of NVMe command, NS management command and password management command. The NVMe command further comprises a first display command, and the password management command further comprises a second display command. The first display command and the second display command are used for displaying namespaces for a host, and displaying available namespaces and states thereof to a user, wherein the first display command is an identification command defined by an NVMe protocol, and since the NVMe protocol does not define encryption management on the namespaces, a controller of the SSD can have an operation after receiving the first display command, namely inquiring the states of the namespaces in the SSD, only feeding back information of the namespaces in an unlocked state to the host, but not feeding back information of the namespaces in a locked state to the host, and only displaying information of the namespaces in the unlocked state on the host, but not displaying information of the namespaces in the locked state. Further, in the scheme provided by the embodiment of the application, the encryption management function for each namespace is realized through the password management command, so that a part of namespaces in the storage device are in a locked state (encryption state), in order to realize the display of the namespaces in the locked state, the application designs a second display command adopting the password management command, after receiving the second display command, the controller of the SSD queries the state of each namespace in the SSD, and feeds back the information of all namespaces to the host, so that the information of all namespaces is displayed on the host, and all namespaces including the namespaces in the unlocked state also include the namespaces in the locked state, thereby overcoming the defect of the first display command. In addition, the meaning of setting the first display command and the second display command further includes: the first display command is provided for a general user to use, the second display command is provided for the user with management authority, and the authority division ensures the general use and also provides certain safety.
Fig. 11 shows a process flow of the first display command. As shown in fig. 11, step S601 is first performed to receive a first display command; step S602 is then executed to query the state of each namespace; finally, S603 is executed, where the namespace in the unlocked state is fed back to the host interface. For example (based on table 2), after receiving the first display command, the NS ID of the namespace NS0 and the namespace NS1 are fed back to the host interface, and the state of the namespace NS0 may be fed back to the password unlocked state at the same time, and the state of the namespace NS1 is the password unlocked state. The host interface forwards the information to the host, which exposes according to its display program, for example as two disk drives, corresponding to the namespaces NS0 and NS1, respectively.
The first display command can be executed after responding to the NS management command and the password management command and is used for timely feeding back the current naming space condition to the host. For example, in connection with FIG. 7, the first display command is executed prior to creation of namespace NS3, the NS IDs of namespace NS0 and namespace NS1 are fed back, and the first display command is executed again after creation of namespace NS3 is completed, feeding back the NS IDs of namespace NS0, namespace NS1, and namespace NS 3.
Fig. 12 shows a process flow of the second display command. As shown in fig. 12, step S701 is first performed, and a second display command is received; then, step S702 is executed to query the status of all namespaces, and finally step S703 is executed to feed back the NS IDs and status of all namespaces. For example (based on table 2), upon receiving the second display command, the NS IDs of the namespaces NS0, NS1, and NS2 are fed back, and the states of the namespaces can be fed back at the same time. After receiving the feedback signal, the host can call the display program to display the name space and display three disk symbols and the state of each disk symbol. For example, the states of presentation disc NS0 and disc NS0 are password-free unlocked states, the states of presentation disc NS1 and disc NS1 are password-unlocked states, and the states of presentation disc NS2 and disc NS2 are locked states.
Based on the first display command and the second display command, dynamic hiding of the namespaces can be achieved, namely, a general user can only view unlocked namespaces, and an authorized user can view all namespaces.
The above details the manner in which various host commands are processed and the circuit structure of the associated controller, and the key to this application is the determination, maintenance and change of the state of the namespace. The above is reviewed in conjunction with specific application scenarios in order to provide a more thorough understanding of state changes in namespaces. FIGS. 13-16 illustrate specific application scenarios, wherein NS1, NS2 … … represent respective namespaces; representing different states of the namespace by different fill patterns; the vertical represents the state change process of one namespace in the time dimension.
Fig. 13 shows an application scenario in which the states of the namespaces NS1, NS2, NS3, and NS4 before power-down are a password-free unlocked state, and a password-free unlocked state, respectively. After power-down, the namespaces remain in a state prior to power-down. In particular namespaces NS2 and NS3, which remain in the previous state after power up.
Fig. 14 shows another application scenario in which the states of the namespaces NS0, NS1, NS2, NS3, and NS4 before power-down are a no-password unlocked state, a password unlocked state, and a no-password unlocked state, respectively. After power-down, the state of namespaces NS1 and NS4 remains unlocked without the password before power-down, while namespaces NS2 and NS3 become locked with the password.
According to the application scenario of fig. 14, in conjunction with the state transition diagram of fig. 9, the namespaces NS2 and NS3 need to be authenticated to transition the namespaces NS2 and NS3 to the password unlocked state. That is, in the application scenario of fig. 14, after power-up, the namespaces NS2 and NS3 cannot be viewed through the first display command. The namespaces NS2 and NS3 are in a protected state, so that illegal operations of unauthorized users can be avoided, and the safety of the namespaces is improved.
From the perspective of product design, the system can be designed to change the naming space with the password unlocking state into the password locking state when the system is powered on according to the requirement, and the original state of the naming space can also be designed not to be changed when the system is powered on.
FIG. 15 illustrates yet another application scenario showing the response of a namespace to a first display command and a second display command. The states for each of namespaces NS1, NS2, NS3, and NS4 are a no password unlocked state, a password unlocked state, and a password locked state, respectively. In response to the first NVMe-based display command, information of namespaces NS1, NS2, and NS3 is fed back for display by the host. In response to a second display command based on the password management command, information of namespaces NS1, NS2, NS3, and NS4 is fed back for display by the host. It follows that with the second display command, the namespace in the password locked state can be viewed. In addition, according to the service requirement, the state of the name space can be checked by utilizing the first display command and the second display command.
FIG. 16 illustrates an application scenario showing the response of namespaces to NS management commands and password management commands. For the namespace NS0, which is initially in a password-free unlocked state, the namespace NS0 is deleted after responding to the NS delete command. For the namespace NS1, it is initially in the password-free unlocked state, and after responding to the password setting command, it transitions to the password-unlocked state. For the namespace NS2, it is initially in a password unlocked state, and after responding to a password delete command, it transitions to a password unlocked state. For the namespace NS3, it is initially in a password unlocked state, which is maintained after responding to a password modification command. After further responding to the cancel authentication command, the state is changed to a state with password lock. For the namespace NS4, it is initially in a password locked state, and transitions to a password unlocked state after responding to a password authentication command. In addition, in response to the NS creation command, a namespace NS5 is created, and the namespace NS5 is in a password-free unlocked state. In addition, namespaces NS1, NS2, NS3, and NS4 can respond to IO commands and maintain their own state.
The above describes a method for managing namespaces from the viewpoint of interface control, and a method for managing data encryption and decryption keys according to an embodiment of the present application is described below, which is analyzed and described from the viewpoint of password management. It should be noted that the data encryption and decryption key is a generic term for an encryption key and a decryption key.
Fig. 17a shows a flow chart of a method for managing data encryption and decryption keys according to the present application. Referring to fig. 17, the method includes:
in step S801, first random Data (trng_data_2), a storage device identification code (chip ID), and second random Data (loc_trng_2) are acquired, and an encryption key or a decryption key (last_rk) corresponding to one or more namespaces in the storage device is obtained according to the first random Data (trng_data_2), the storage device identification code (chip ID), and the second random Data (loc_trng_2).
In step S802, in response to the user password for adjusting the namespace, the encryption key or decryption key corresponding to the namespace is kept unchanged.
For each namespace, data encryption and data decryption may be performed using a symmetric encryption algorithm, e.g., the symmetric encryption algorithm is the advanced encryption standard algorithm (Advanced Encryption Standard, AES); the data encryption and data decryption can also be performed by adopting an asymmetric encryption algorithm, namely the encryption key and the decryption key corresponding to each naming space can be the same or different. For example, in the case where the encryption key and the decryption key are the same, the encryption key or the decryption key can be obtained by the following method.
By way of example, fig. 17b shows a schematic flow chart of a method for generating a data encryption and decryption key according to the present application.
First, first random Data (TRNG_Data_2) is obtained from a first one-time programmable device, and a Hash operation is performed on the first random Data (TRNG Data_2) to obtain a first Hash value (TRNG_Hash_2 [127:0 ]).
Then, a storage device identification code (chip ID) and second random data (LOC_TRNG_2) are obtained from the second one-time programmable device, and a second Hash value (Loc_TID_Hash [255:0 ]) is obtained by carrying out Hash operation on the storage device identification code (chip ID) and the second random data (LOC_TRNG_2).
And finally, encrypting the first Hash value (TRNG_Hash_2 [127:0 ]) and the second Hash value (Loc_TID_Hash [255:0 ]) to obtain a data encryption and decryption key encryption key or decryption key (last_rk) corresponding to the first naming space in the storage device.
The encryption algorithm adopts an SM4 algorithm. SM4 is a block cipher standard issued by the national cipher administration on day 21, 3, 2012. The relevant standard is "GM/T0002-2012" SM4 block cipher Algorithm ". SM4 is mainly used for data encryption, and both packet length and key length are 128 bits. Alternatively, an encryption algorithm such as AES may also be applied in embodiments according to the present application.
In this embodiment, the hash operation uses the SM3 algorithm. SM3 is a cryptographic hash function standard, and the SM3 algorithm in the embodiment of the present application is issued by the national cryptographic administration on, for example, 21 st 2012, the relevant standard is "GM/T0004-2012" SM3 cryptographic hash algorithm ", or implemented by the national cryptographic administration on, for example, 1 st 2017, the relevant standard is" GB/T32905-2016 information security technology SM3 cryptographic hash algorithm ". The SM3 is mainly used for digital signature and verification, message authentication code generation and verification, random number generation and the like, and the security and the efficiency of the SM3 are equivalent to those of SHA-256. Alternatively, a hash algorithm such as MD5, SHA, or the like may also be applied to convert the first random data according to the embodiments of the present application.
The first random Data (TRNG data_2) is transformed using SM3 algorithm to obtain a first Hash value (trng_hash_2 [127:0 ]). In this embodiment, the first hash value takes the first 128-bit element of the first random data. In more detail, the first hash value is not limited to taking the first 128-bit element of the first random data. Alternatively, the SM3 algorithm can convert to data of a preset length. For example, the preset length is 256 bits, and the preset length can be configured according to requirements, and the preset length is not limited in the application.
Since the user password setting function is configured for each namespace in this embodiment, the user can manage the user password of each namespace, for example, set the user password, modify the user password, delete the user password, or cancel user password authentication. According to the method of the application, if the user modifies the password set by the first namespace (including modifying the default password to the user password and modifying the old user password to the new user password), the encryption key or decryption key (last_rk) corresponding to the first namespace remains unchanged. The method has the significance of improving user experience, and is characterized in that in the technical scheme of the prior art, the key for encrypting and decrypting the user data is associated with the password set by the user. If a user changes the password of a namespace during use, all data in the namespace need to be read and decrypted by the old encryption or decryption key, and then encrypted with the new encryption or decryption key generated by the new password and rewritten into the namespace according to prior art schemes. When the data amount is large, the time consumed by the process is intolerable to the user. In the technical scheme of the application, when the password is changed, the password key for verifying the password is correspondingly changed and is stored in the off-chip memory (the application of the password key belongs to the prior art and is not repeated here); while the encryption key or decryption key does not change. Therefore, even if the password is changed, since the encryption key or the decryption key is unchanged, the user data does not need to be repeatedly decrypted and encrypted as in the prior art, thereby greatly improving the processing efficiency and the user experience.
In one embodiment, the encryption key or decryption key (last_rk) is stored in a buffer memory (e.g. DRAM) of the storage device, and the data stored in the buffer memory is lost after the storage device is powered down, so that the security of the key is ensured.
In a storage device having multiple namespaces, the encryption key or decryption key (last_rk) corresponding to one or more namespaces may be the same. That is, for a storage device containing multiple namespaces, it may encrypt or decrypt data of all namespaces by using one encryption key or decryption key (last_rk), or may have multiple different encryption keys or decryption keys, where the encryption keys or decryption keys corresponding to the different namespaces are different, so that the encryption keys or decryption keys corresponding to any two namespaces are different; or multiple namespaces correspond to the same encryption key or decryption key.
In one embodiment, when an IO command indicating a first namespace is received, if the IO command is a read command, the encryption key or decryption key is invoked to decrypt data fetched from the first namespace. And if the IO command is a write command, calling the encryption key or the decryption key to encrypt the data moved into the first naming space.
Further, when a plurality of IO commands are received and a plurality of first namespaces are indicated, if the first namespaces have the same encryption key or decryption key, the data corresponding to the first namespaces are encrypted or decrypted by adopting the same encryption key or decryption key; if the first namespaces have different encryption keys or decryption keys, the encryption keys or the decryption keys corresponding to the first namespaces are respectively called to encrypt or decrypt the corresponding data.
Furthermore, when a password management command indicating the first namespace is received, the encryption key or decryption key of the first namespace is maintained unchanged regardless of the type of password management command and regardless of the operation performed on the first namespace according to the type of password management command (i.e., regardless of setting a password, modifying a password, deleting a password, authenticating a password, or canceling password authentication).
And when receiving the NS creation command, creating a second naming space, setting an encryption key or a decryption key for the second naming space, setting an encryption key or a decryption key which is the same as other naming spaces for the second naming space, or setting an encryption key or a decryption key which is different from other naming spaces for the second naming space.
By way of example, if the encryption key or decryption key of the second namespace is the same as the encryption key or decryption key of the other namespaces in the storage device, the encryption key or decryption key of the second namespace may be set based on the encryption key or decryption key of the other namespaces. If the encryption or decryption key of the second namespace is different from the encryption or decryption keys of other namespaces in the storage device, then an encryption or decryption key needs to be regenerated for the second namespace. For example, multiple sets of one-time programmable devices (a first one-time programmable device and a second one-time programmable device) may be provided in the storage device, where each namespace corresponds to a set of one-time programmable devices, and hash operations are performed according to data stored in the one-time programmable device corresponding to each namespace to obtain an encryption key or a decryption key of each namespace. In another example, a one-time programmable device may be provided in the storage device to store the first random data, and another one-time programmable device may be provided to store the chip ID and the second random data, where each namespace uses only 128 bits of data in the first random number and the second random number in generating the encryption key or the decryption key, and the storage capacity of each one-time programmable device is generally different in several KB or tens of KB, so that the number of bits of the first random number and the second random number is far smaller than the capacity of the one-time programmable device, that is, two one-time programmable devices are enough to satisfy the requirements of multiple namespaces, and when the encryption key or the decryption key of different namespaces is generated, the data of different bits in the first random number and the second random number may be used.
Fig. 18 illustrates the process of password key generation and generation of an encryption key or decryption key (e.g., the encryption key and decryption key may be identical), and in fact fig. 17b is part of fig. 18. In fig. 18, the generation of the password key shares the first Hash value (trng_hash_2 [127:0 ]) obtained by converting the first random Data (trng_data_2) with the generation of the encryption key or the decryption key, and the password key generation process will be described in detail below.
The password key includes: an original key (c_pin_hash), a primary key (c_trng_hash_1) and a secondary key (c_trng_hash_2).
The method for generating the original key (C_Pin_Hash) comprises the following steps: acquiring a user password and one-time programmable third random data (LOC_TRNG_1); and converting the spliced user password and the one-time programmable third random data by utilizing a hash algorithm to obtain a user password hash value (Loc_THash [127:0 ]). The default password is obtained, and the default password is converted by utilizing a Hash algorithm to obtain a default password Hash value (UPIN_Hash [127:0 ]). Encrypting the user password Hash value (Loc_THash [127:0 ]) and the default password Hash value (UPIN_Hash [127:0 ]) to obtain the original key (C_Pin_Hash).
Wherein, regarding the mode of conversion by using the hash algorithm, the SM3 algorithm can be adopted; alternatively, the encryption method may employ an SM4 algorithm.
The generation method of the primary key (C_TRNG_Hash_1) comprises the following steps: a user password and a storage device identification code are obtained, or a default password and a storage device identification code are obtained. And converting the spliced user password and the storage device identification code by using a Hash algorithm, or converting the spliced default password and the storage device identification code by using a Hash algorithm to obtain a fourth Hash value (UID_Hash [127:0 ]). True random Data (trng_data_1) is acquired. The true random Data (trng_data_1) is transformed using a hashing algorithm to obtain a primary key Hash value (trng_hash_1 [127:0 ]). Encrypting the fourth Hash value (UID_Hash [127:0 ]) and the primary key Hash value (TRNG_Hash_1 [127:0 ]) to obtain the primary key (C_TRNG_Hash_1).
Note that the generation process of the primary key (c_trng_hash_1) acquires true random Data (trng_data_1). The aforementioned one-time programmable data is stored in one-time programmable (One Time Programmable, OTP) memory, which is only written (programmed) once during the life cycle, and cannot be modified any more after programming. For example, a user programmed to write the value of the OTP memory to 0xFFFFFFFE, the value of which will always remain at 0xFFFFFFFE and cannot be rewritten to other values. Whereas true random Data (trng_data_1) is generated by a hardware random number generator to generate random numbers according to a physical process rather than a computer program. Such devices are typically based on microscopic phenomena that generate low-level, statistically random "noise" signals, such as thermodynamic noise, photoelectric effects, quantum phenomena, and the like, to generate random numbers. These physical phenomena are theoretically totally undetectable and uncontrollable and therefore have good randomness. The random number generator includes a transducer for converting some effects of the aforementioned microscopic phenomena into electrical signals, an amplifier for amplifying the amplitude of the electrical signals to a macroscopic level, and an analog-to-digital converter for converting the output thereof into binary numbers. By repeatedly sampling these random signals, a series of random numbers is generated.
The method for generating the secondary key (C_TRNG_Hash_2) comprises the following steps: encrypting the primary key Hash value (trng_hash_1 [127:0 ]) and the first Hash value (trng_hash_2 [127:0 ]) to obtain the secondary key (c_trng_hash_2).
According to the generation process of the password key, the first Hash value (TRNG_Hash_2 [127:0 ]) is shared in the processing process of the encryption key or the decryption key and the password key, so that the hardware consumption can be reduced, and the cost can be reduced. In addition, although the first Hash value (trng_hash_2 [127:0 ]) is shared, it is generated by the one-time programmable device and is not affected by the user password. Thus, the encryption key or decryption key is not changed due to the change of the user password.
By way of example, the controller may process the received command in addition to managing the encryption key or decryption key for the namespace as described above. In this embodiment, the received command may be a host command sent to the SSD by the host through the host interface, or may be another command. Host commands include IO commands (again, divided into read commands and write commands), NS management commands, and password management commands. In addition, in the present embodiment, since a user password can be set for each namespace, the states of the namespaces are classified into an unlocked state (further classified into a password unlocked state and a password unlocked state) and a locked state according to the user password setting condition of the namespaces.
By way of example, for a read command, the method includes the steps of: in response to obtaining a first read command to access a first namespace, obtaining a first decryption key corresponding to the first namespace; and accessing the storage medium according to the first read command to obtain first ciphertext data, and decrypting the first ciphertext data by using the first decryption key to obtain first decrypted data serving as data to be read by the first read command. For a write command, the method includes the steps of: acquiring a first encryption key corresponding to a first namespace in response to acquiring a first write command accessing the first namespace; and encrypting the first plaintext data to be written in by the first write command according to the first encryption key, and writing the first encrypted data obtained after encryption into a storage medium.
For example, when the first namespace is in the unlocked state, the host has access to the first namespace, that is, the host may access the first namespace in the storage device according to the IO command, and in the process of accessing the first namespace, the data to be accessed may be encrypted or decrypted using the first encryption key or the first decryption key corresponding to the first namespace.
A storage device may typically have multiple namespaces, and the same encryption key or decryption key may be used for different namespaces, or different encryption keys or decryption keys may be used.
For example, for a second namespace that is different from the first namespace, the second namespace is in an unlocked state, and the method of processing the command includes: in response to obtaining a second read command to access a second namespace, obtaining a second decryption key corresponding to the second namespace, wherein the second decryption key is the same as or different from the first decryption key; and accessing the storage medium according to the second read command to obtain second ciphertext data, and decrypting the second ciphertext data by using the second decryption key to obtain second decrypted data serving as data to be read by the second read command. In response to obtaining a second write command to access a second namespace, obtaining a second encryption key corresponding to the second namespace, wherein the second encryption key is the same as or different from the first encryption key; and encrypting the second plaintext data to be written in by the second writing command according to the second encryption key, and writing the second encrypted data obtained after encryption into a storage medium.
According to the above method embodiments, the second decryption key is the same as or different from the first decryption key, and the second encryption key is the same as or different from the first encryption key.
In one application scenario, a first namespace is in a locked state or a password unlocked state, and in response to acquiring the first read command or the first write command, the first namespace is in the password unlocked state or the locked state, first feedback information of failure to access the first namespace is generated, and the first feedback information is sent to a host.
By way of example, reasons for failure to access the first namespace include: 1, the first namespace is in a locked state and therefore cannot respond to any IO commands. 2, the first naming space is in a password unlocking state, and the IO command can be responded only after password verification.
In this embodiment, the user password verification is not performed every time a host command is received, but is determined according to information sent by the host, and as an example, in response to obtaining a first user password input by a user and the first read command, the first namespace is in a password unlock state, a first password key corresponding to the first namespace is obtained, and the first user password is verified according to the first password key; and decrypting the first ciphertext data with the first decryption key to obtain the first decrypted data in response to passing the verification. And generating the first feedback information in response to the verification failure.
Wherein the first user password input by the user is acquired and the first read command can be the first read command and the first user password input by the user are received simultaneously; or first receiving the first reading command and then receiving the first user password; it is also possible to first receive the first user password and then receive the first read command. In one implementation scenario, the SSD may proactively require the host to provide a first user password upon receiving a first read command.
Similarly, in response to acquiring the first user password and the first write command, wherein the first namespace is in a password unlocked state, acquiring the first password key, and verifying the first user password according to the first password key; and in response to passing the verification, encrypting the first plaintext data according to the first encryption key to obtain the first encrypted data, and writing the first encrypted data into a storage medium. And generating the first feedback information in response to the verification failure.
For the second namespace different from the first namespace, the manner of responding to the IO command is the same as that of the first namespace, so that the description is omitted. The first password key and the second password key may be the same or different.
For example, if the first namespace and the second namespace are both in a password-free unlocked state, the first password key and the second password key generated from the default passwords may be the same because the first namespace and the second namespace may have the same default password.
For another example, if one of the first namespace and the second namespace is in a password-free unlocked state, the other is in a password-free unlocked state, and the namespaces in the password-free unlocked state have a default password and the namespaces in the password-free unlocked state have a manually set user password, the first password key and the second password key are different.
For another example, if the first namespace and the second namespace are both in the password unlocked state, the user passwords corresponding to the first namespace and the second namespace may be the same or different (completely determined by user preset), and thus the first password key and the second password key may be the same or different.
In this embodiment, the host may encrypt or decrypt data to be accessed using the first encryption key or the first decryption key corresponding to the first namespace in the process of accessing the first namespace, and may also manage a user password of the first namespace, for example, may set the user password for the first namespace, modify the user password, delete the user password, or cancel password authentication based on the password management command.
The state of the namespace is divided into an unlocked state (again, a password unlocked state and a password unlocked state) and a locked state, while the password management commands to which the states of different namespaces can respond are different. However, the first encryption key or the first decryption key corresponding to the first namespace is unchanged regardless of the password management command in response. For example, if the first namespace is in an unlocked state, a user password may be set, modified, or deleted for the first namespace according to a password management command. Accordingly, the password management command is a password setting command, a password modification command, and a password deletion command, and in the unlocked state, the first namespace is capable of responding to the password management command. The first encryption key or the first decryption key of the first namespace does not change while responding to the password management command.
In addition, in the unlocked state, the first namespace is also capable of canceling password authentication for the first namespace in response to a cancel password authentication command. Similarly, the first encryption key or the first decryption key of the first namespace does not change in response to the cancel password authentication command.
Furthermore, if the first namespace is in a locked state, the first namespace is capable of password authenticating the first namespace in response to a password authentication command. Similarly, the first encryption key or the first decryption key of the first namespace does not change while responding to the password authentication command.
For example, the password key and the encryption key or the decryption key are not associated, so that no matter how the user modifies the password (the password is changed), the encryption key or the decryption key is not affected, the decryption operation is not required to be performed by using the key corresponding to the user password before modification when the data access is performed, and then the encryption operation is performed by using the key corresponding to the user password after modification, thereby providing the encryption and decryption functions for the data in the naming space under the requirement of meeting low delay. In addition, the operation of managing the password does not change the encryption key and the decryption key, and the isolation between the user password and the encryption key or the decryption key is ensured.
In addition, the present application also provides a controller, the overall structure of which can be referred to as the control part 104 of fig. 1B, in particular, referring to fig. 1B, the controller can include a host command processing unit and a storage command processing unit; the host command processing unit is used for analyzing the first command and indicating the storage command processing unit according to the analysis result; the storage command processing unit is used for executing the operation corresponding to the first command according to the indication and changing or maintaining the state of the first naming space. The controller described above is capable of processing NVMe commands, NS management commands, and password management commands to implement the method steps of the various embodiments of fig. 2-18 of the present application. Since the related methods and circuit structures have been described in detail above, they are not described in detail herein. In particular, the structure and processing procedure inside the controller can be seen in fig. 4, 5, 7 and 10.
In addition, the embodiment of the present application further provides a memory device, that is, a memory device 102 as shown in fig. 1A and 1B, where the memory device 102 includes an interface 103, a control unit 104, one or more NVM chips 105, and a DRAM 110. The control unit 104 is included in the control unit 104, and the control unit 104 processes the first command from the host to implement the method steps of the various embodiments of fig. 2-18 of the present application, and since the related methods and circuit structures have been described in detail above, they will not be described in detail herein.
It should be noted that, for the sake of brevity, some methods and embodiments thereof are described in the present application as a series of actions and combinations thereof, but those skilled in the art will understand that the aspects of the present application are not limited by the order of the described actions. Thus, one of ordinary skill in the art will appreciate in light of the present disclosure or teachings that certain steps thereof may be performed in other sequences or concurrently. Further, those skilled in the art will appreciate that the embodiments described herein may be considered alternative embodiments, i.e., wherein the acts or modules involved are not necessarily required for the implementation of some or all aspects of the present application. In addition, the description of some embodiments of the present application also has an emphasis on each of them according to the scheme. In view of this, those skilled in the art will appreciate that portions of one embodiment of the present application that are not described in detail herein may also be referred to in connection with other embodiments.
In particular implementations, based on the disclosure and teachings of the present application, one of ordinary skill in the art will appreciate that several embodiments disclosed herein may also be implemented in other ways not disclosed herein. For example, in terms of the foregoing embodiments of the electronic device or apparatus, the units are split in consideration of the logic function, and there may be another splitting manner when actually implemented. For another example, multiple units or components may be combined or integrated into another system, or some features or functions in the units or components may be selectively disabled. In terms of the connection relationship between different units or components, the connections discussed above in connection with the figures may be direct or indirect couplings between the units or components. In some scenarios, the foregoing direct or indirect coupling involves a communication connection utilizing an interface, where the communication interface may support electrical, optical, acoustical, magnetic, or other forms of signal transmission.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application. It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.

Claims (10)

1. A method for managing data encryption and decryption keys is characterized in that,
acquiring first random Data (TRNG_Data_2), a storage device identification code (chip ID) and second random Data (LOC_TRNG_2), and obtaining an encryption key or a decryption key (last_rk) corresponding to one or more namespaces in the storage device according to the first random Data (TRNG_Data_2), the storage device identification code (chip ID) and the second random Data (LOC_TRNG_2);
and responding to the user password for adjusting the name space, and keeping the encryption key or the decryption key corresponding to the name space unchanged.
2. The method of claim 1, wherein the encryption keys or decryption keys corresponding to any two namespaces in the storage device are different; or multiple namespaces in the storage device correspond to the same encryption key or decryption key.
3. The method of claim 2, wherein the user passwords corresponding to any two namespaces are the same; or the user passwords corresponding to the namespaces are different.
4. A method according to any one of claim 1 to 3, wherein,
in response to receiving the plurality of IO commands indicating a plurality of first namespaces having the same encryption key or decryption key, encrypting or decrypting data to be accessed by each IO command with the same encryption key or decryption key; or (b)
In response to receiving the plurality of IO commands indicating a plurality of first namespaces having different encryption keys or decryption keys, respectively calling the encryption key or the decryption key corresponding to each first namespace to encrypt or decrypt data to be accessed by the corresponding IO command.
5. The method of claim 1, wherein the step of determining the position of the substrate comprises,
in response to receiving a password management command indicating a first namespace, user password management is performed on the first namespace in accordance with the password management command, and an encryption key or a decryption key of the first namespace is maintained unchanged.
6. A method of processing commands, comprising:
in response to obtaining a first read command to access a first namespace, wherein the first namespace is in an unlocked state, obtaining a first decryption key corresponding to the first namespace;
and accessing the storage medium according to the first read command to obtain first ciphertext data, and decrypting the first ciphertext data by using the first decryption key to obtain first decrypted data serving as data to be read by the first read command.
7. The method of claim 6, wherein the step of providing the first layer comprises,
In response to obtaining a first write command to access a first namespace, wherein the first namespace is in an unlocked state, obtaining a first encryption key corresponding to the first namespace;
and encrypting the first plaintext data to be written in by the first write command according to the first encryption key, and writing the first encrypted data obtained after encryption into a storage medium.
8. The method according to claim 6 or 7, wherein,
in response to obtaining a second read command accessing a second namespace, wherein the second namespace is in an unlocked state, obtaining a second decryption key corresponding to the second namespace, wherein the second decryption key is the same as or different from the first decryption key;
and accessing the storage medium according to the second read command to obtain second ciphertext data, and decrypting the second ciphertext data by using the second decryption key to obtain second decrypted data serving as data to be read by the second read command.
9. The method of claim 8, wherein the step of determining the position of the first electrode is performed,
responding to the first user password input by a user and the first reading command, wherein the first naming space is in a password unlocking state, a first password key corresponding to the first naming space is obtained, and the first user password is verified according to the first password key;
And decrypting the first ciphertext data with the first decryption key to obtain the first decrypted data in response to passing the verification.
10. A storage device comprising a storage medium and a controller for implementing the method of any one of claims 1 to 9.
CN202111449633.7A 2021-11-30 2021-11-30 Method for managing data encryption and decryption keys, method for processing commands and related products Pending CN116208320A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111449633.7A CN116208320A (en) 2021-11-30 2021-11-30 Method for managing data encryption and decryption keys, method for processing commands and related products

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111449633.7A CN116208320A (en) 2021-11-30 2021-11-30 Method for managing data encryption and decryption keys, method for processing commands and related products

Publications (1)

Publication Number Publication Date
CN116208320A true CN116208320A (en) 2023-06-02

Family

ID=86506509

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111449633.7A Pending CN116208320A (en) 2021-11-30 2021-11-30 Method for managing data encryption and decryption keys, method for processing commands and related products

Country Status (1)

Country Link
CN (1) CN116208320A (en)

Similar Documents

Publication Publication Date Title
US9529735B2 (en) Secure data encryption in shared storage using namespaces
US11194920B2 (en) File system metadata protection
US8286004B2 (en) Saving encryption keys in one-time programmable memory
US7428306B2 (en) Encryption apparatus and method for providing an encrypted file system
US11368299B2 (en) Self-encryption drive (SED)
US7596695B2 (en) Application-based data encryption system and method thereof
US8352751B2 (en) Encryption program operation management system and program
JP5175617B2 (en) Data protection system, data protection method, and memory card
US20120303974A1 (en) Secure Removable Media and Method for Managing the Same
JP4463320B1 (en) ENCRYPTION STORAGE DEVICE, INFORMATION DEVICE, AND ENCRYPTION STORAGE DEVICE SECURITY METHOD
US20120237024A1 (en) Security System Using Physical Key for Cryptographic Processes
JP2008257691A (en) System and method for storage device data encryption and data access
TW201833812A (en) Data storage device and operating method therefor
US9147087B2 (en) Method of accessing a data storage device
US20230179418A1 (en) Storage controller and method of operating electronic system
US20220045850A1 (en) Memory system encrypting data
CN116208320A (en) Method for managing data encryption and decryption keys, method for processing commands and related products
CN116204111A (en) Method for managing namespaces and storage device
US8689014B2 (en) Data encryption device and control method thereof
CN101763319A (en) Disk FDE (Full Disk Encryption) system and method
CN116361207A (en) Method and device for protecting and managing key
TW202036349A (en) Computer system and method for virtual hard disk encryption and decryption
US20150356028A1 (en) Storage device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination